From: Richard Stallman <rms@gnu.org>
Cc: c.a.rendle@gmail.com, emacs-devel@gnu.org
Subject: Re: C file recoginzed as image file
Date: Sat, 06 Jan 2007 22:47:10 -0500 [thread overview]
Message-ID: <E1H3P02-0001mY-Ee@fencepost.gnu.org> (raw)
In-Reply-To: <m2irfknwx7.fsf@gmail.com> (message from Chris Moore on Sat, 06 Jan 2007 13:48:20 +0100)
That's a big assumption to make. There have been many exploitable
bugs in image libraries in recent years. Because of this, I wouldn't
figure that a jpg file is safe to open, whereas I would figure that a
C source file is safe to open.
It would never have occurred to me to have doubts about opening a JPG
file. I am sure the same is true of many Emacs users. If we believe
that having Emacs display JPG files as images is dangerous, we had
better make sure Emacs NEVER does so by default.
For the long term, we could also make Emacs thoroughly validate the
data of any JPG before calling the library to display it. That is too
much change for right now, but we could do it after the release.
> Besides which, a jpg file starts with characters that don't make any
> sense at the start of a C file. So if it looks like a plausible C
> file, it won't be treated as a jpeg.
If it looks like a plausible C file to who?
To anyone who knows C. The first two characters of a JPG file are
character codes above 128, that would obviously be invalid in C.
In the case I described
all I've seen so far is the file's name so as far as I know it is a C
source file.
How did the data get into a file in the first place? Did it go
through Emacs? Did you see the data before you saved it in a file?
I never save data from a message in a file without seeing it, but
perhaps you use a method.
next prev parent reply other threads:[~2007-01-07 3:47 UTC|newest]
Thread overview: 150+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-05 14:27 C file recoginzed as image file Charles Rendleman
2007-01-05 14:46 ` Chris Moore
2007-01-05 14:52 ` Lennart Borgman (gmail)
2007-01-05 15:02 ` Chris Moore
2007-01-05 19:02 ` Juanma Barranquero
2007-01-05 22:23 ` Chris Moore
2007-01-05 22:44 ` Juanma Barranquero
2007-01-05 22:47 ` Juanma Barranquero
2007-01-05 23:01 ` Chris Moore
2007-01-05 23:15 ` Juanma Barranquero
2007-01-06 18:07 ` Richard Stallman
2007-01-06 18:49 ` Chris Moore
2007-01-06 0:12 ` Jason Rumney
2007-01-06 18:07 ` Richard Stallman
2007-01-07 19:20 ` Juanma Barranquero
2007-01-08 5:33 ` Richard Stallman
2007-01-06 2:55 ` Richard Stallman
2007-01-06 10:52 ` Juanma Barranquero
2007-01-06 3:20 ` Stefan Monnier
2007-01-06 10:58 ` Juanma Barranquero
2007-01-07 16:50 ` Mathias Dahl
2007-01-07 3:46 ` Richard Stallman
2007-01-07 5:36 ` Stefan Monnier
2007-01-08 5:32 ` Richard Stallman
2007-01-08 15:09 ` Stefan Monnier
2007-01-08 15:25 ` Kim F. Storm
2007-01-08 17:32 ` Lennart Borgman (gmail)
2007-01-08 19:54 ` Eli Zaretskii
2007-01-09 11:12 ` Jan Nieuwenhuizen
2007-01-09 11:44 ` Chong Yidong
2007-01-09 11:57 ` Jan Nieuwenhuizen
2007-01-09 12:40 ` David Kastrup
2007-01-09 13:03 ` martin rudalics
2007-01-09 12:57 ` Chong Yidong
2007-01-09 16:01 ` Stuart D. Herring
2007-01-09 13:11 ` Stephen Leake
2007-01-15 6:06 ` Giorgos Keramidas
2007-01-09 21:49 ` Eli Zaretskii
2007-01-09 22:20 ` Alan Mackenzie
2007-01-08 19:48 ` Eli Zaretskii
2007-01-08 22:34 ` Stefan Monnier
2007-01-08 23:26 ` Lennart Borgman (gmail)
2007-01-09 4:08 ` Richard Stallman
2007-01-09 9:48 ` Lennart Borgman (gmail)
2007-01-09 11:06 ` Jason Rumney
2007-01-09 12:01 ` Lennart Borgman (gmail)
2007-01-09 12:16 ` Jason Rumney
2007-01-09 12:23 ` Lennart Borgman (gmail)
2007-01-10 1:04 ` Richard Stallman
2007-01-10 9:05 ` Jason Rumney
2007-01-10 9:38 ` Lennart Borgman (gmail)
2007-01-10 23:06 ` Richard Stallman
2007-01-09 21:54 ` Eli Zaretskii
2007-01-09 21:55 ` Lennart Borgman (gmail)
2007-01-09 23:56 ` Chris Moore
2007-01-10 0:21 ` Lennart Borgman (gmail)
2007-01-10 15:11 ` Chris Moore
2007-01-10 15:17 ` Lennart Borgman (gmail)
2007-01-09 21:08 ` Richard Stallman
2007-01-09 21:40 ` Lennart Borgman (gmail)
2007-01-08 17:09 ` Stephen J. Turnbull
2007-01-08 20:26 ` Juanma Barranquero
2007-01-08 20:39 ` David Kastrup
2007-01-08 20:48 ` Juanma Barranquero
2007-01-08 20:52 ` David Kastrup
2007-01-08 21:03 ` Juanma Barranquero
2007-01-09 7:57 ` David Kastrup
2007-01-09 9:08 ` Juanma Barranquero
2007-01-09 18:50 ` Chris Moore
2007-01-09 19:47 ` Juanma Barranquero
2007-01-09 22:38 ` Stefan Monnier
2007-01-09 23:19 ` Juanma Barranquero
2007-01-10 1:12 ` Stefan Monnier
2007-01-10 1:37 ` Stephen Leake
2007-01-08 22:42 ` Juanma Barranquero
2007-01-08 23:27 ` Stefan Monnier
2007-01-08 23:39 ` Juanma Barranquero
2007-01-09 2:07 ` Stefan Monnier
2007-01-08 23:32 ` Stefan Monnier
2007-01-08 23:43 ` Juanma Barranquero
2007-01-09 0:11 ` Stuart D. Herring
2007-01-09 0:19 ` Juanma Barranquero
2007-01-09 13:16 ` Stephen Leake
2007-01-09 17:57 ` Richard Stallman
2007-01-09 19:59 ` Lennart Borgman (gmail)
2007-01-10 1:04 ` Richard Stallman
2007-01-07 9:04 ` Chris Moore
2007-01-08 5:33 ` Richard Stallman
2007-01-08 13:34 ` Chris Moore
2007-01-08 18:20 ` David Kastrup
2007-01-08 21:02 ` Chris Moore
2007-01-08 21:14 ` Chris Moore
2007-01-09 0:01 ` Richard Stallman
2007-01-09 1:08 ` Chris Moore
2007-01-09 17:57 ` Richard Stallman
2007-01-09 23:24 ` Chris Moore
2007-01-09 23:39 ` Lennart Borgman (gmail)
2007-01-10 1:00 ` Chris Moore
2007-01-10 1:05 ` Lennart Borgman (gmail)
2007-01-09 4:40 ` Stephen J. Turnbull
2007-01-09 21:07 ` Richard Stallman
2007-01-10 4:23 ` Stephen J. Turnbull
2007-01-10 23:05 ` Richard Stallman
2007-01-09 13:07 ` Stephen Leake
2007-01-09 13:25 ` Juanma Barranquero
2007-01-09 13:57 ` Vinicius Jose Latorre
2007-01-09 23:37 ` Juanma Barranquero
2007-01-15 6:10 ` Giorgos Keramidas
2007-01-09 22:58 ` Chris Moore
2007-01-09 23:31 ` Juanma Barranquero
2007-01-10 1:31 ` Stephen Leake
2007-01-08 5:33 ` Richard Stallman
2007-01-07 10:05 ` Lennart Borgman (gmail)
2007-01-06 2:55 ` Richard Stallman
2007-01-06 3:16 ` Stefan Monnier
2007-01-06 12:48 ` Chris Moore
2007-01-07 3:47 ` Richard Stallman [this message]
2007-01-07 9:21 ` Chris Moore
2007-01-07 9:58 ` Lennart Borgman (gmail)
2007-01-08 5:32 ` Richard Stallman
2007-01-08 14:05 ` Reiner Steib
2007-01-08 14:16 ` Andreas Schwab
2007-01-08 18:12 ` Stuart D. Herring
2007-01-09 0:01 ` Richard Stallman
2007-01-14 2:52 ` Giorgos Keramidas
2007-01-14 18:55 ` Sascha Wilde
2007-01-15 14:58 ` Richard Stallman
2007-01-15 15:14 ` Jason Rumney
2007-01-19 16:14 ` Juanma Barranquero
2007-01-19 16:33 ` Jason Rumney
2007-01-19 17:10 ` Juanma Barranquero
2007-01-20 2:10 ` Richard Stallman
2007-01-20 23:38 ` Juanma Barranquero
2007-01-21 22:27 ` Richard Stallman
2007-01-21 22:36 ` Jason Rumney
2007-01-21 22:47 ` Juanma Barranquero
2007-01-22 9:04 ` Richard Stallman
2007-01-14 23:23 ` Richard Stallman
2007-01-15 1:14 ` Stefan Monnier
2007-01-15 5:59 ` Giorgos Keramidas
2007-01-15 23:27 ` Richard Stallman
2007-01-07 11:49 ` Jason Rumney
2007-01-07 16:21 ` Stefan Monnier
2007-01-08 5:33 ` Richard Stallman
2007-01-06 2:55 ` Richard Stallman
2007-01-06 12:42 ` Chris Moore
2007-01-07 3:47 ` Richard Stallman
2007-01-07 9:28 ` Michaël Cadilhac
2007-01-08 5:32 ` Richard Stallman
2007-01-06 2:55 ` Richard Stallman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E1H3P02-0001mY-Ee@fencepost.gnu.org \
--to=rms@gnu.org \
--cc=c.a.rendle@gmail.com \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).